Recent devices in the electronics market changed the network security landscape. The increasing prevalence of portable network-focused devices such as tablets and WiFi-capable (e.g., 802.11 capable) mobile telephones has increased the difficulty of securing wireless networks. Different devices can run a variety of operating systems, each with their own settings and capabilities, and can be difficult to identify and manage as an administrator due to their portability. It is no longer sufficient to only account for a few machine types and operating systems when developing a network access control plan.
The addition of wireless-only devices adds another layer of complexity to the control architecture. While several security algorithms exist in standard wireless networks, most depend on static keys that can be easily compromised and do nothing to facilitate unique identification of a connecting entity. Some network management components can seek to establish the identity of a connecting entity, but where the device itself furnishes information, false information can be presented. In this regard, wireless connections are ripe for exploitation by malicious entities, as unencrypted transmissions can be monitored over the air to discover information about identities on the network.
Guest networks permit roaming users to access the internet, but generally lack the security desired for networks with access to internal files or proprietary information. Further, guest networks can be inefficient, easily abused, and pose additional risks avoided by secure networks. Thus, it is appreciable that guest networks are, at best, an inelegant solution to permit some degree of access for mobile devices.
Accordingly, there is a need to identify machines that can be managed on secure networks and allow access to users employing a greater number and variety of devices.